CyberSec.Space Logo
返回 CVE 浏览器

CVE-2010-4324

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.1880%
EPSS Percentile42.55th
Published2011年1月7日
Last Modified2026年4月29日

Vulnerability Description

Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0 before 370D in Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected Platforms (CPE)

📦
Novell

Identity Manager

All versions
📦
Novell

Identity Manager Roles Based Provisioning Module

<= 3.7.0

References & Advisories

🔗 http://osvdb.org/70298
🔗 http://secunia.com/advisories/42819
🔗 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5085293.html
🔗 http://www.securityfocus.com/bid/45692
🔗 http://www.securitytracker.com/id?1024941
🔗 http://www.vupen.com/english/advisories/2011/0038
🔗 https://bugzilla.novell.com/show_bug.cgi?id=653516
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/64501

相关漏洞威胁

CVE-2020-202110.0

When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option i...

CVE-2017-1015110.0

Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Default Account). Supported vers...

CVE-2020-1184410.0

Incorrect Authorization vulnerability in Micro Focus Container Deployment Foundation component affects products: - Hybrid Cloud Ma...

CVE-2011-313510.0

Unspecified vulnerability in the Runtime in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivoli Federated...